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DETAILED ACTION 

ELECTION/RESTRICTIONS 

1 . Applicant's election with traverse of Invention I in the reply filed on 09/22/2008 is 
acknowledged. The traversal is on the ground(s) that the search and examination of the 
claims categorized under Group I and Group II of the instant application can be made 
without serious burden, assuming that the claims describe independent or distinct 
inventions. This is not found persuasive because it would be a burden to search the 
two different inventions categorized in two different classes and subclasses. 

The requirement is still deemed proper and is therefore made FINAL. 

2. Claims 22-30 are withdrawn from further consideration pursuant to 37 CFR 

1 .142(b), as being drawn to a nonelected Invention II, there being no allowable generic 
or linking claim. Applicant timely traversed the restriction (election) requirement in the 
reply filed on 09/22/2008. 

I. OBJECTIONS TO THE CLAIMS 

3. Claims 14-15 and 22-30 are objected to because of the following informalities: 
in claim 14, line 1 , "its own security" should be replace with -the target object's 

own security-. 

As per claims 15, as there are two claims 15, one of the claims need to be 
properly renumbered. 
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As per claims 22-30, the status of claims 22-30 should be updated from 
"(Original)" to -(Withdrawn)-. 

Appropriate correction is required. 

II. REJECTIONS BASED ON 35 U.S.C. 112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

4. Claims 4, 5, 10, 15 and 31 are rejected under 35 U.S.C. 112, second paragraph, 
as being indefinite for failing to particularly point out and distinctly claim the subject 
matter which applicant regards as the invention. 

Claim 4 recites the limitation "the same process" in line 2. There is insufficient 
antecedent basis for this limitation in the claim. 

Claim 15 recites the limitation "the capabilities" in line 1. There is insufficient 
antecedent basis for this limitation in the claim. 

Claim 31 recites the limitation "the capabilities" in line 2. There is insufficient 
antecedent basis for this limitation in the claim. 

As per claim 4, it is not fully clear which same process the applicant is referring 
to; the examiner will assume the claimed limitation of "a same process" for the current 
examination. 
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As per claim 5, in line 3, it is not fully clear if "other interfaces" is the 
same/different other interface previously recited; the examiner will assume the claimed 
limitation of "the other interfaces" for the current examination. 

As per claim 10, in line 2, it is not fully clear if "other interfaces" is the 
same/different other interface previously recited; the examiner will assume the claimed 
limitation of "the other interfaces" for the current examination. 

As per claims 15, as there seems to have two claim 15s, the examiner will 
assume the first claimed 1 5 to be claim 31 and the second claim 1 5 to be claim 1 5 for 
the current examination. 

As per claim 1 5, in line 2, it is not fully clear as to which interfaces the applicant is 
referring to; the examiner will assume the claimed limitation of "the other interfaces" for 
the current examination. 

As per claim 15, in line 1 , it is not fully clear as to which capabilities the applicant 
is referring to; the examiner will assume the claimed limitation of "mapping capabilities" 
for the current examination. 

As per claim 31 , in line 2, it is not fully clear if "other interfaces" is the 
same/different other interface previously recited; the examiner will assume the claimed 
limitation of "the other interfaces" for the current examination. 

As per claim 31 , in line 2, it is not fully clear as to which capabilities the applicant 
is referring to; the examiner will assume the claimed limitation of "determining 
capabilities of the external object" for the current examination. 
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III. REJECTIONS BASED ON 35 U.S.C. 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

5. Claim 21 is rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. As "computer readable medium" can be signal 
wave (i.e. wireless medium) along (Specification, [0074]), wherein signal wave is non- 
statutory subject matter. 

IV. REJECTIONS BASED ON PRIOR ART 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 1-21 and 31 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Scheifler etal. (US Patent 6,1 38,238) in view of Colburn et al. (US Patent 
6,173,404). 



7. As per claims 1 and 1 9-21 , Scheifler teaches a method, a system and a 
computer readable medium storing instructions for controlling a computer device for 
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controlling access to an object in an operating system, the method, system and 
computer readable medium comprising: 

a module configured means for receiving a call from an external thread (Fig. 6, 
ref. 620) to a first interface (e.g. write to any file in a directory, such as "c:/") of a target 
object (Fig. 6, ref. 4500-1 ) (Fig. 1 ; Fig. 4-5; col. 4, 1. 51 to col. 5, 1. 3 and col. 9, 1. 1 1 to 
col. 14, 1. 38); 

a module configured with means for determining whether the external thread has 
access to other interfaces (e.g. write to any specific file in the directory, such as 
"c:/thisfile") of the target object based on the call received at the first interface (Fig. 4-5 
and col. 11, 1. 20 to col. 13, 1. 45), wherein the determination is in association with 
implied permission; and 

a module configured with means for to grant access to the other interfaces 
according to the determination (Fig. 4-5 and col. 11, 1. 20 to col. 13, 1. 45). 

Scheifler does not expressly teach the method, system and computer readable 
medium comprising: wherein the call from an object; and determining at the target 
object access to the other interfaces; 

Colburn teaches the method, system and computer readable medium 
comprising: a call received from an object (Fig. 5, ref. 100) and determining at a target 
object (Fig. 8, ref. 160) access to other interfaces (col. 1, 1. 12 to col. 3, 1. 45; col. 7, II. 
26-52 and col. 1 1, II. 25-51), in combination with Scheifler 's above teaching of implied 
permission, the resulting combination further teaches the target object implementing 
access authorization in association with implied permission to other interfaces. 
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It would have been obvious for one of ordinary skill in this art, at the time of 
invention was made to include Col burn 's inter-object security scheme into Scheifler 's 
object for the benefit of implementing a more robust security scheme between objects 
( Colburn , col. 3, II. 34-37) to obtain the invention as specified in claims 1 and 19-21 . 

8. As per claim 2, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising wherein 
determining whether the external object has access to other interfaces of the target 
object further comprises examining a security policy ( Colburn , Fig. 8, ref. 184, 194) 
contained within the target object ( Colburn . Fig. 8, ref. 160) ( Colburn . Fig. 7A-7B; Fig. 8 
and col. 11,1.25 to col. 12,1.58). 

9. As per claim 3, Scheifler and Colburn teach all the limitation of claim 2 as 
discussed above, wherein Colburn further teaches the method comprising wherein the 
security policy is contained entirely within the target object ( Colburn . Fig. 8). 

10. As per claim 4, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method further comprising 
determining whether the external object and the target object operate in a same process 
(e.g. same class of valid digital signature or not) ( Scheifler . col. 9, 1. 52 to col. 11,1. 19). 
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11. As per claim 5, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method comprising wherein 
determining whether the external object has access to other interfaces of the target 
object further comprises: identifying the other interfaces of the target object that can be 
accessed when the first interface is being requested by the external object ( Scheifler . 
col. 1 1, 1. 20 to col. 13, 1. 45), as the other interfaces must be identified in order to 
proper grant the permission via the implied permission. 

12. As per claim 6, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising determining 
a first process of the target object ( Scheifler , col. 9, 1. 52 to col. 1 1 , 1. 1 9 and Colburn . 
Fig. 8; Fig. 10; col. 1, 1. 12 to col. 3, 1. 45), such as determining whether the target 
object's first process corresponds to either valid digital signature with known keys or 
digital signature that cannot be verified thus a default key is utilized. 

1 3. As per claim 7, Scheifler and Colburn teach all the limitation of claim 6 as 
discussed above, wherein both further teach the method further comprising determining 
a second process of the external object ( Scheifler . col. 9, 1. 52 to col. 11, 1. 19 and 
Colburn . Fig. 8; Fig. 1 0; col. 1 , 1. 1 2 to col. 3, 1. 45), such as determining whether the 
external object's second process corresponds to either valid digital signature with known 
keys or digital signature that cannot be verified thus a default key is utilized. 
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14. As per claim 8, Scheifler and Colburn teach all the limitation of claim 7 as 
discussed above, wherein both further teach the method further comprising performing 
a cross-process communication between the target object and the external object 
( Scheifler , col. 9, 1. 52 to col. 11,1. 19 and Colburn . Fig. 8; Fig. 10; col. 1, 1. 12 to col. 3, 
I. 45; col. 13, 1. 44 to col. 14, 1. 34), such as allowing restrictive access to the target 
object as the target object is under valid digital signature process and the external 
object is not under valid digital signature process. 

1 5. As per claim 9, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising securing a 
channel for each interface of the target object ( Scheifler , col. 9, 1. 52 to col. 1 1, 1. 19 and 
Colburn . Fig. 8; Fig. 10; col. 1 , 1. 12 to col. 3, 1. 45; col. 13, 1. 44 to col. 14, 1. 34), as the 
channel is secured via a cryptographic key over a network between client and server. 

16. As per claim 1 0, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method comprising wherein 
determining whether the external object has access to the other interfaces of the target 
object further comprises analyzing access constraints within the target object ( Scheifler . 
col. 11,1.20 to col. 13, 1. 45 and Colburn . Fig. 7A-7B; Fig. 8; col. 13,1.44 to col. 14,1. 
34), as the analyzing of the implied permission is located within the target object. 
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1 7. As per claim 1 1 , Scheifler and Col burn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising analyzing 
interface access data stored within the target object ( Scheifler , col. 1 1 , 1. 20 to col. 13, 1. 
45 and Colburn , Fig. 7A-7B; Fig. 8; col. 13, 1. 44 to col. 14, I. 34). 

18. As per claim 1 2, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method further comprising determining 
whether the target object and the external object are in a same protection domain 
( Scheifler , Fig 4; col. 11, 1. 20 to col. 13, 1. 45 and Colburn , Fig. 8). 

1 9. As per claim 1 3, Scheifler and Colburn teach all the limitation of claim 1 2 as 
discussed above, wherein both further teach the method comprising wherein the 
protection domain is a process ( Scheifler , Fig 4 and col. 9, 1. 52 to col. 13, 1. 45 and 
Colburn , Fig. 8), wherein the process is associated with valid digital signature and un- 
validated digital signature. 

20. As per claim 14, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising wherein the 
target object sets target object's own security policy ( Colburn . Fig. 8), the target object 
sets target object's own security policy as the access constraints and access 
authorization resides within the target object. 
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21 . As per claim 31 , Scheifler and Col burn teach all the limitation of claim 1 as 
discussed above, wherein Scheifler further teaches the method comprising wherein 
determining whether the external object has access to the other interfaces further 
comprises determining capabilities of the external object ( Scheifler , col. 9, 1. 52 to col. 
13, 1. 45), as the capability corresponds to the capability of transferring data along with 
the know key or without the know key. 

22. As per claim 15, Scheifler and Colburn teach all the limitation of claim 14 as 
discussed above, wherein Colburn further teaches the method comprising further 
comprising mapping capabilities of the external object to the other interfaces of the 
target object ( Scheifler , col. 9, 1. 52 to col. 13, 1. 45), such as mapping the capability of 
transferring data with the know key to other interfaces for grater access. 

23. As per claim 16, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein both further teach the method comprising wherein the target 
object and the external object are created using a same methodology (e.g. object 
oriented by Java) ( Scheifler . col. 9, 1. 52 to col. col. 11, 1. 19 and Colburn . col. 1, 1. 12 to 
col. 3, 1. 45). 



24. As per claim 1 7, Scheifler and Colburn teach all the limitation of claim 1 as 
discussed above, wherein Colburn further teaches the method comprising wherein the 
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target object and the external object are ' 
to col. 3, 1. 45). 
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in a view hierarchy ( Colburn , col. 1, 1. 12 



25. As per claim 1 8, Scheifler and Colburn teach all the limitation of claim 1 7 as 
discussed above, wherein Colburn further teaches the method comprising wherein a 
view has a parent calling interface, a child calling interface, and a child managing 
interface ( Colburn , col. 6, II. 29-52), as the hierarchal relation between parent-child is 
well known with the corresponding above interfaces for the parent and the child. 
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V. CLOSING COMMENTS 

Conclusion 

a. STATUS OF CLAIMS IN THE APPLICATION 

The following is a summary of the treatment and status of all claims in the 
application as recommended by M.P.E.P. 707.07(i): 

ad) CLAIMS REJECTED IN THE APPLICATION 

Per the instant office action, claims 1-21 and 31 have received a first action on 
the merits and are subject of a first action non-final. 

b. DIRECTION OF FUTURE CORRESPONDENCES 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Chun-Kuan (Mike) Lee whose telephone number is 
(571 ) 272-0671 . The examiner can normally be reached on 8AM to 5PM. 

IMPORTANT NOTE 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Alford Kindred can be reached on (571) 272-4037. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/C.K.L./ 

November 04, 2008 Chun-Kuan (Mike) Lee 

Examiner 
Art Unit 2181 

/Alford W. Kindred/ 

Supervisory Patent Examiner, Art Unit 2181 



